# File Signature 2

## Description

My friend said that the previous flag is not the real message! Is this file the one that reveals the truth?

Attachment: `file`

## Solution

<figure><img src="https://3139068166-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F5otAmBnHXiDB0QXOOAMF%2Fuploads%2F8qlFyDu6xzhVgsw8GXZj%2Ffile-signature-2-1.png?alt=media&#x26;token=397d3f88-ed7f-4d09-890e-a6edbb8aa0a2" alt=""><figcaption></figcaption></figure>

Upon running `binwalk` command, we can see that there is a zip file embedded in this JPEG image.

```
binwalk -e file
```

Try extracting the file by running the command above and you will get the zip file.

<figure><img src="https://3139068166-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F5otAmBnHXiDB0QXOOAMF%2Fuploads%2F4Bj0LYzvMZbYqM9pJ6SM%2Ffile-signature-2-2.png?alt=media&#x26;token=35030635-7b47-4097-972a-dbddacd5d781" alt=""><figcaption></figcaption></figure>

It requires a password. The password is `skr` (which is quite guessy imo).

```
cat secret_msg
```

Use `cat` command to see the content in `secret_msg` and you will get the flag.